Cyber risks prediction and analysis in medical emergency equipment for situational awareness

In light of the COVID-19 pandemic, the Medicines and Healthcare products Regulatory Agency administered the standards for producing a Rapidly Manufactured Ventilator System (RMVS) free of charge due to the United Kingdom’s shortfall of ventilator systems throughout health centers. The standards delineate the minimum requirements in which a Rapidly Manufactured Ventilator System must encompass to be admissible for usage within hospitals. This work commences by evaluating the standards provided by the government to identify any potential security vulnerabilities that may arise due to the succinct development standards provided by the MHRA. This research investigates what cyber considerations are taken to safeguard a patient’s health and medical data to improve situational awareness. A tool for a remotely accessible, low-cost ventilator system is developed to reveal what a malicious actor may be able to inflict on a modern ventilator and its adverse impact

On the feasibility of DoS attack on smart door lock IoT network

The Internet of Things (IoT) is one of the most extensive technological evolution of the computing network. This technology can transform the physical world into a virtual world for testing and emulation to evaluate the key issues present in the physical devices. This work aims to explore the security in IoT devices and demonstrates the security gaps in the behavior of the smart door lock. In this paper, we conducted two surveys to gather consumers' requirements about the IoT devices as to whether they do understand the security risks involves with these devices. Further, we carried out a denial of service attack on a smart lock device to demonstrate that such devices are not secure. This work also highlights the security weakness and suggest guidelines to improve the overall system using cloud and edge computing and authentication and access control-based solutions

Future industry internet of things with aero-trust security

The emerging techniques, such as the fifth-generation communications (5G), Internet of Things (IoT), blockchain, artificial intelligence, etc., are operating in unison will drive the transformation of global business forward. The 5G technology is expected to unleash a massive IoT ecosystems by providing massive connectivity for huge number of IoT devices with faster data rate, ultra-low latency, and low-cost access. The 5G networks will be designed to bring the level of performance needed for massive IoT and will enable a perceived fully ubiquitous connected world. Meanwhile, the blockchain being promoted as the fundamental for new business model in Future IoT (FIoT). This paper attempts to provide a set of new directions and ideas for research in 5G/6G enabled IoT and new technique trends in IoT. The current IoT are facing a number of challenges, such as massive IoT devices access, network performances, security, standardization, and critical applications. This paper investigates new technologies, such as 5G, zero-trust, and blockchain will catalyse the innovation in IoT. Specifically, a zero-trust security architecture for FIoT is proposed and a blockchain-based device authentication in IoT environment (BasIoT) is proposed that can provide massive secure device access in FIoT

DDoS cyber-incident detection in smart grids

The smart grid (SG) offers potential benefits for utilities, electric generators, and customers alike. However, the prevalence of cyber-attacks targeting the SG emphasizes its dark side. In particular, distributed denial-of-service (DDoS) attacks can affect the communication of different devices, interrupting the SG’s operation. This could have profound implications for the power system, including area blackouts. The problem is that few operational technology tools provide reflective DDoS protection. Furthermore, such tools often fail to classify the types of attacks that have occurred. Defensive capabilities are necessary to identify the footprints of attacks in a timely manner, as they occur, and to make these systems sustainable for delivery of the services as expected. To meet this need for defensive capabilities, we developed a situational awareness tool to detect system compromise by monitoring the indicators of compromise (IOCs) of amplification DDoS attacks. We achieved this aim by finding IOCs and exploring attack footprints to understand the nature of such attacks and their cyber behavior. Finally, an evaluation of our approach against a real dataset of DDoS attack instances indicated that our tool can distinguish and detect different types of amplification DDoS attacks

Cyber risks to critical smart grid assets of industrial control systems

Cybersecurity threats targeting industrial control systems (ICS) have significantly increased in the past years. Moreover, the need for users/operators to understand the consequences of attacks targeting these systems and protect all assets is vital. This work explores asset discovery in ICS and how to rank these assets based on their criticality. This paper also discusses asset discovery and its components. We further present existing solutions and tools for asset discovery. We implement a method to identify critical assets based on their connection and discuss related results and evaluation. The evaluation utilises four attack scenarios to stress the importance of protecting these critical assets since the failure to protect them can lead to serious consequences. Using a 12-bus system case, our results show that targeting such a system can increase and overload transmission lines values to 120% and 181% MVA, which can affect the power supply and disrupt service, and it can increase the cost up to 60%, affecting the productivity of this electric grid